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[57] ABSTRACT 

An encryption control system to process an input transport 
data stream into an output transport data stream includes an 
input demultiplexer, a first secure microprocessor, a second 
secure microprocessor and an output multiplexer. The input 
transport data stream includes first entitlement managment 
message data. The input demultiplexer culls the first entitle- 
ment managment message data from the input transport data 
stream, the first entitlement management message data 
including an encrypted multi-session key. The first secure 
microprocessor processes the first entitlement management 
message data to recover the multi-session key by decrypting 
the encrypted multi-session key using a first algorithm. The 
second secure microprocessor re -encrypts the multi -session 
key using a second algorithm and formats second entitle- 
ment management message data based on the first entitle- 
ment management message data with the re-encrypted 
multi-session key substituted for the encrypted multi-session 
key. The output multiplexer provides the output transport 
data stream based on the input transport data stream with the 
second entitlement management message data substituted 
for the first entitlement management message data. 

7 Claims, 10 Drawing Sheets 
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APPARATUS AND METHOD FOR LOCAL serial number (used as an address). In FIG. 2A, secret serial 

ENCRYPTION CONTROL OF A GLOBAL number SSN and public serial number PSN for a particular 

TRANSPORT DATA STREAM decoder are retrieved from memory 18. Secret serial number 

SSN is provided to encrypter 26, and public serial number 

BACKGROUND OF THE INVENTION s PS N is provided to multiplexer 20. When the bill has been 

1. Field of the Invention timely paid, multiplexer 20 prepares encrypted multi-session 

The present invention relates to conditional access cable ke y f or transport to the decoder whose address is public 

television systems. In particular, the invention relates to a senal numbcr PSN - 

system by which a local cable headend operator may control In FIG. 2B, the corresponding secret serial number SSN 

access by his subscribers to a global or national transport 10 ^ associated public serial number PSN is stored in 

data stream. memory 32 of decoder 40. Public serial number PSN is 

2 Description of Related Art provided to demultiplexer 30 so that demultiplexer 30 can 

FIG. 1 A depicts conventional encryptor 2. Unencrypted f ec ' " ' eD «VP ted multisession key addressed to the 

payload data UPD is processed using encryption key EK „ decod , er 40 u ^ P ubUc ""f n Y mber PSN w ^ ch corre " 

into encrypted payload data at output OUT of encryptor 2. 15 *P° nd i to ^ ^ret senal number from tr^port data stream 

FIG. IB depicts conventional decryptor 4. Encrypted pay- TO ^ Encrypted I multi-session key E s?f (MSK) * decrypted 

1 i * 4 rTin . * j i • m decryptor 34 using secret senal number SSN from 

load data EPD is processed using decryption key DK in ., s , . " „ ™ ^ 7 

decryptor 4 to produce decrypted payload data at output mcmor >L ft 32 ; o *™ ld * niulti-session key MSK. Demulti- 

OUT of decryptor 4. 9n plexer 3 ° ak ° ^ ^ 

urn *> a a * i , mniriDj encrypted seed E MSK (SEED). The encrypted seed is pro- 

2A d ^ cts TlT? n tT°, ? l ° 2B ^ « cessed in decr yPtor 36 using multi-session key MSK as the 

conventional decoder 40. In FIG. 2A service provider 12 decryption kcy to ide the une ncrypted seed. Hie unen- 

provides digital services, for example, MPEG encoded d ^ fefab g at ft for 

motion pictures digital sound recordings, software, games ^ ^ Demulti lexer 30 also selects from 

etc., for transport to decoder 40. The service is encrypted 25 Qrt ^ stfeam JDS ted service £ 

under a seed from pseudo-random number seed generator (SERVICE) . ^ ted XIv]xx ^ essed in de 

14. Encryptor 22 processes the service data usmg the seed as 38 usifl ^ ^ ^ ^ d tion k to recover the 

the encryption key to produce encrypted service E^ unencrypted service. 

(SERVICE). The encrypted service is combined in multi- rtl , * . , „. , 

plexer 20 and placed into transport data stream TDS. In 30 , T me *° s m koa ^ for r of multi-session 

order for decoder 40 to recover the service data from the ke ^ MSK For exam P^ in U S ' No ' 5,029^07 to 

encrypted service data, decoder 40 must be provided with pammie, incorporated herein by reference, multi-session 

the seed ^ MSK is twice encrypted at the encoder and twice 

m_ j • j * i *l * j * iL i * j i * ttvc decrypted in the decoder, first in a replaceable security 

The seed is distributed in the transport data stream TDS / , , lt _ . n : - . * A r iL , , J 

. i . . /. ii » , r • *u j , ,i module and then in a fixed security element or the decoder, 

in a broadcast mode (i.e., all decoders receive the seed at the 35 ' 

same time). The seed must be encrypted to avoid exploita- Furthermore, in order to defeat data pirates, memory 32. 

tion by possible data pirates. The seed is encrypted in and decryptors 34 and 36 (FIG. 2B) and memory storage for 

encryptor 24 using multi-session key MSK to provide multi-session key MSK (not shown) are mechanized within 

encrypted seed E^ (SEED). Multi-session key MSK a secure microprocessor that denies pirates access to keys 

comes from the service distributor 16. Encrypted seed E MSK 40 SSN ™ d MSK ' AUhough a pirate would still have access to 

(SEED) is placed in transport data stream TDS in a broad- ^ seed at the out P ut ^mals of the secure microprocessor, 

cast mode by multiplexer 20. Preferably, the seed is modified {he useful life of the seed is short since it is changed often, 

frequently, for example, ten times per second. Therefore, for example, ten times per second. 

encrypted seed H MSK (SEED) is broadcast to all decoders 40 FIG. 3 depicts conventional system 50 having national 

at, for example, ten times per second. In order to recover the 45 control center 52 that contains encoder 10. Transport data 

seed, decoder 40 must gain access to multi-session key stream TDS from encoder 10 is transmitted by an uplink 

MSK. transmitter of national control center 52 to satellite repeater 

Multi-session key MSK is distributed via transport data 54 Satellite repeater 54 transmits this signal so that cable 

stream TDS to authorized decoders 40 (i.e., decoders of head-end 56 receives the signal. Cable head end 56 

subscribers whose monthly bill has been paid). Preferably 50 ^-transmits this signal to decoders 40. 

multi-session key MSK is changed once a month. In order In the national transport data stream (NTDS), entitlement 

to distribute multi-session key MSK over transport data management message EMM, which is uniquely addressable 

stream TDS, the multi-session key is encrypted in encryptor to an individual decoder, contains the MSK encrypted with 

26 using secret serial number SSN as the encryption key to the particular decoder's SSN as well as service authorization 

provide encrypted multi-session key E^^SK). Since the 55 information for the particular decoder. In system 50 having 

encrypted multi-session key need only be provided to the national control center 52 that produces national transport 

decoders one time each month, it is possible to address the data stream NTDS, national control center 52 provides both 

encrypted multi-session key to each decoder individually, in the encrypted MSK (i.e., E J5N (MSK)) and the decoder 

contrast to broadcasting the encrypted seed to all decoders service authorization information. The national center gen- 

simultaneously. In practice, the MSK is addressed and sent, 60 erates the appropriate entitlement management messages 

in advance of it being needed, to each decoder many times and addresses them to the individual encoders. The cable 

during each month in order to ensure that, among other head-end operator simply acts as a conduit for this national 

reasons, it is decrypted and available when needed. Multi- transport data stream. 

plexer 20 places encrypted multi-session key E^ (MSK) in Some cable head-end operators, however, wish to have 

transport data stream IDS only when the subscriber has paid 65 local control over the service authorization information, 

his monthly bill. Each decoder 40 has stored within it a They want to have local control of a decoder's conditional 

unique secret serial number SSN and a corresponding public access to programs and to particular programs. However, the 
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local cable head-end operators do not feel a need to do their FIG. 3 is a block diagram of a known information 

own program encryption. They would like to maintain the distribution system; 

program encryption already performed at the national con- piG. 4 is a format diagram depicting how elementary data 

trol center. streams are encoded in transport packets according to the 

In many cable systems in use today, a national control 5 present invention; 

center performs all of the multiplexing of services, as well fig. 5 is a functional diagram of a decoder according to 

as the encryption of each service and the global encryption the present invention' 

of the entire payload part of the transport data stream. In mQ fi is a ^ ^ rf m tim 

such a system cable head-end operators essentially act as control m &axjTdia to „ of the 

conduits for this national signal. The national center also 10 . 

, ... * , . invention; 

handles all other conditional access duties including placing . 

service authorization information in entitlement manage- FIG ' 7 15 a ^^ona} block diagram of an encryption 

ment messages addressed to each decoder. contro1 s y stem accordin g t0 an °tor embodiment of the 

^ , . present invention; 

Other systems in use today allow the cable head-end 

operator to have local control over both conditional access 15 FIG ; 8 15 a b * oc k digram of an encryption 

and encryption. Some operators want the local control contro1 s y stem accordin g to another embodiment of the 

ability, but the equipment needed is, of course, more expen- P resent inventlon i 

sive. FIG. 9 is schematic diagram of an information distribu- 

Cable operators will want to somehow differentiate or 2Q tion systems according to another embodiment of the present 

control access to different market segments. For example, invention. 

suppose three cable companies were operating in a given DETAILED DESCRIPTION OF PREFERRED 

area. If all of them supplied their subscribers with a national RlvfR O D I M ENTS 
center's signal, someone subscribing to one company could 

easily lend his/her settop decoder to someone subscribing to 25 FIG. 4 is a format diagram of a representative transport 

another company. Thus, there is a need for a system which data stream. Video and audio data are prepared in the form 

would allow the cable head-end operator to continue using a packetized elementary stream having a header, a presen- 

the signal supplied by the national center, but yet be able to tation time stamp, and the video itself. The packetized 

control access to different market areas or segments. elementary stream is allocated into the payload section of 

30 one or more transport packets. Transport packets are pref- 

SUMMARY OF THE INVENTION erab i y 188 bits in length. Transport packets preferably 

It is an object to the present invention to provide a means include a synchronization block and prefix data followed by 

by which a local cable headend operator can distribute ^it^t standards referred to as MPEG-2 (actually 

national programming service data while controlling access IS0/IE ? 1381 8"1), incorporated herein by reference, define 

by his subscribers to the data. 35 Particular embodiments of the transport data stream. 

^ . , . Multiplexer/encryptor 64 combines individual transport 

Has and other objects are achieved in an encryption ^ ^ mtQ a frame of ^ 6Q 

control system to process an input transport data stream into _ . . , f . 
an output transport data stream that includes an input Of particular mterest to the present invention are entitle- 
denmltiplexer, a first secure microprocessor, a second secure ment mariagomentmessages EMM and enutlement control 
microprocessor and an output multiplexer. The input trans- « messages ECM. Thesemessages are multiplexed into the 
port data stream includes first entitlement management ^P 01 ' data stream TDS. Entitlement management mes- 
message data. The input demultiplexer culls the first entitle- "8 es , m ^dressed to a specific decoder or group of 
ment management message data from the input transport decoders. Entitlement control messages are broadcast to all 
data stream, the first entitlement management message data decoders. Seed data encrypted under a multi-session key is 
including an encrypted multi-session key. The first secure « mcluded "» "?e data transmitted in the entitlement control 
microprocessor processes the first entitlement management Entitlement control message ECM * sent repeat- 
message data to recover the multi-session key by decrypting at a . m ^ rate for example ten times a second 
the encrypted multi-session key using a first algorithm. The Multi-session key MSK, encrypted under a secret serial 
second secure microprocessor re-encrypts the multi-session °V m A er ' 18 mcl ? ded ln enWlement management message 
key using a second algorithm and formats second entitle- 50 EMM. The entitlement management message is addressed to 
ment management message data based on the first entitle- ,he decoder that has stored ln * the S6cret xnil numb6r med 
ment management message data with the re-encrypted *° encr yP l me multi-session key. Entitlement management 
multi-session key substituted for the encrypted multi-session messages ■» sent infrequently, for example, once per 
key. The output multiplexer provides the output transport mon,h - In P^tical use, the entitlement management mes- 
data stream based on the input transport data stream with the » »*» ■ xn{ manv times P 6r monm to cach decodcr » 
second entitlement management message data substituted ^ have ?» e opportunity to decrypt and store 
for the first entitlement management message data. mc multi-session key for the upcoming session (e.g., next 

month). At a particular point in time the entitlement control 

BRIEF DESCRIPTION OF DRAWINGS message will provide data indicating the switch over to the 

so new multi-session key which was received from an earlier 

The invention will be described in detail in the following entitlement management message 

description of preferred embodiments with reference to the FIG. 5 depicts a decoder according to the present inven- 

following figures wherein: aoQ for decoding ue mput transport data stream mto 

FIGS. 1 A and IB are basic functional diagrams of known decrypted services 109. De-multiplexer 72 separates from 

encryptors and decryptors, respectively; 65 the transport data stream the entitlement control message 74, 

FIGS. 2A and 2B are functional block diagrams of known the entitlement management message 76 and text data 78. 

encoders and decoders, respectively; Other payload portions of the transport data stream are 
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provided to decryptor 104. The de-multipiexer 72 provides into local entitlement management message (local EMM), 

similar functions to de-multiplexer 30 (FIG. 2B). Decoder Multiplexer 114 reassembles the national encrypted service 

70 includes secure microprocessor 80. Secure microproces- data, the national entitlement control message data, and the 

sor 80 includes secure memory 82 storing secret serial local entitlement management message into a local transport 

number SSN and multi-session key MSK. In secure micro- 5 data stream (local TDS). 

processor 80, conditional access logic 90 retrieves secret The national entitlement management message is pro- 
serial number SSN from secure memory 82 and provides the cessed in encryptor 124 to recover and store the multi- 
secret serial number to decryptor 84. Decryptor 84 processes session key in memory 126. The multi-session key is pro- 
entitlement management message 76 to recover multi- vided over a secure link 116 to encryptor 134. The mutli- 
session MSK at 92. Conditional access logic 90 stores 1Q session key is processed in encryptor 134 using secret serial 
multi-session MSK in secure memory 82. Then, conditional number from memory 132, and it is then placed into the local 
access logic 90 reads multi-session key MSK from secure entitlement management message. However, either (1) the 
memory 82 and provides it to decryptor 86. Decryptor 86 encryption algorithm used by encryptor 134 is different than 
processes entitlement control message 74 to recover a plu- the encryption algorithm used by the national center to 
rality of seeds and conditional access data 88. Conditional encrypt the multi-session key, or (2) the secret serial num- 
access logic 90 provides global seed 94 of seeds 88 to bers stored in memory 132 is different than secret serial 
decryptor 104. Conditional access logic 90 processes con- numbers stored in the comparable database used to encrypt 
ditional access data 88 to identify authorized services and the multi-session key at the national center, or (3) both, 
provides service selection signal 96 to service Subscribers of the cable head-end operator will require a 
de-multiplexer 106. Fot authorized services, conditional „ n decoder with a decryptor for decrypting the multi-session 
access logic 90 provides encrypted service seeds 98 from 2 ° h * s an ^thm compatible with encryptor 134 
seeds 88 to decryptor 100 for decryption under the multi- [ FI ^ *>• ^ ^ c ^ ders ° f fibers of the cable 
service key. For authorized services, Lryptor 100 provides h^d-end operator will have stored in them secret serial 
j inv. j * -i«o £ It. - j ■ numbers that correspond to the secret serial numbers stored 

seeds 102 to decryptors 108 for authorized services. ia ~ fr rin c\ a™ _r * *u * * *• 

}if in memory 132 (FIG. 6). According to the present invention, 

In FIG. 4, individual services (e.g., video 1 or audio 1) 25 a cable hcad . cnd operator having an encryption control 

may be encrypted under respective service seeds. The system 110 in his equipment, can securely provide the 

encrypted, or unencrypted services are formatted into data multi-session key to the decoders within his system; 

frame 60. The entirety of the services portion of data frame however, because of the unique encryption algorithm 134 

60 is encrypted under a global seed. The encrypted portion (i.e., unique to the cable head-end operator) and the unique 

of data frame 60 is processed in decryptor 104 (FIG. 5) using 30 list of secret serial numbers stored in memory 132, the 

global seed 94 to recover the individual services. The decoder provided to the subscriber of the cable head-end 

individual services may be encrypted or they may be unen- operator is not useable to receive national encrypted services 

crypted. The individual services are provided to multiplexer fr° m eitner the satellite repeater station or any other cable 

106 (FIG. 5) where the individual encrypted service data 107 head-end operator. In this way, the cable head-end operator 

is provided to decryptors 108. Decryptor 108 processes the 35 ma y dcm / acccss to me national services when, for example, 

encrypted service data 107 using seeds 102 to provide ^ subscriber does not pay his bill. Furthermore, the 

decrypted services 109 decoder provided to the subscriber of the cable head-end 

t rir , £ *. . , j ■ 1 j operator is not useable to receive encrypted services from 

In FIG. 6, encryption control system 110 includes ^ y caWe system SQ ^ are unlikely lo&ned ou , 



de-multiplexer 112, multiplexer 114, first secure micropro- 



^, — — , Y.n e < As described in U.S. Pat. No. 5,029,207, incorporated by 

cessor 120 and second microprocessor 130. Secure micro- 4 n c jj • i j j « u • 

„ n . , , : • 1 i_ reference, some decoders include decryptors having 
processor 120 mcludes secret serial number memory 122 re .p r0 grammable decryption algorithms and/or 
decryptor 124 and multi-session memory 126. Secret serial re-programmable secret serial numbers. Such decryptors are 
number memory 122 functions in the same way that secret ^programmable when specific addressed messages (e.g., 
serial number memory 32 (FIG. 2B) functions. Decryptor me entitlement management messages described herein) are 
124 functions in the same that decryptor 34 (FIG. 2B) 45 received by the particular decoder or group of decoders 
functions. Memory 126 functions in the same way that being addressed. When the national center uses this type of 
memory 82 (FIG. 5) functions. decoder, the local cable head-end operator may purchase and 
Second secure microprocessor 130 includes secret serial resell this type of decoder to his subscribers. Then the cable 
number memory 132 and encryptor 134. Memory 132 head-end operator may send appropriate entitlement man- 
functions in the same way that memory 18 (FIG. 2A) so agement messages to individual decoders to change the 
functions, and encryptor 134 functions in the same way that algorithm used to decrypt the multi-session key or change 
encryptor 26 (FIG. 2A) functions. De-multiplexer 112 func- the secret serial number address of the decoder. In this way 
tions in the same way that de-multiplexer 30 (FIG. 2B) a larger market exists for a single decoder design, and the 
functions. Multiplexer 114 functions in the same way that cable head-end operator may provide the decoders to his 
multiplexer 20 (FIG. 2 A) functions. 55 subscribers at a lower cost based on the larger market. 

In a typical operation, a national source of transport data In FIG. 7, encryption control system 140 includes 
stream TDS is uplinked to a satellite repeater station. The de-multiplexer 112, multiplexer 114, first secure micropro- 
satellite repeater station downilnks the broadcast of the cessor 120 and second secure microprocessor 130. First 
national transport data stream TDS to a plurality of cable secure microprocessor 120 includes secret serial number 

head -end operators, at least one of which has encryption 60 memory 122, decryptor 124 and multi-service key memory 
control system 110 within its equipment. The cable head-end 126 performing substantially the same function as is per- 
operator receives the national transport data stream TDS and formed in secure microprocessor 120 of encryption control 
de-multiplexes the data stream into national encrypted ser- system 110 (FIG. 6). Secure microprocessor 120 of encryp- 
vice data stream a national entitlement control message tion control system 140 (FIG. 7) also includes decryptor 142 

(national ECM) and a national entitlement management 65 to process the national entitlement control message using the 
message (national EMM). The national entitlement manage- multi-session key to recover seed data and service authori- 
ment message is processed in encryption control system 110 zation data. 
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Second secure microprocessor 130 of encryption control agreement between national center and the local cable 
system 140 (FIG. 7) includes secret serial number memory head-end operator. In decoder 70 (FIG. 5) global seed 94 
122, decryptor 124, multi-session key memory 126 and will be correctly recovered. However, encrypted service 
encryptor 144. Memory 122, decryptor 124 and memory 126 seeds 98 (FIG. 5) are encrypted under a multi-service key 
perform substantially the same functions as are performed in 5 that is transmitted to all of the subscribers of the national 
memory 122 decryptor 124 and memory 126 of secure center This corresponds to the multi-session key stored in 
microprocessor 120 of encryption control system 110 (FIG. memory 126 of secure microprocessor 120 of encryption 
6), the function being to recover the multi-session key. control system 140 (FIG. 7). Unfortunately, it is the special 
Encryptor 144 processes seed and service authorization data multi-session key stored in memory 126 of second secure 
using the multi-session key retrieved from memory 126 to 10 microprocessor 130 that would be transmitted by special 
provide local entitlement control messages. Multiplexer 144 agreement between the national center and the local head- 
reformats a local transport data stream from the national end operator in the national entitlement management mes- 
transport data stream with the national entitlement control sa S e addresse d to the decoders of the subscribers of the local 
message replaced by the local entitlement control message. head-end operators. Thus, the subscribers of the local head- 
Cable head-end operators having encryption control sys- 15 ™d operator would be able to recover only the special 

tern 140 in their equipment, may provide decoders to their ™Sl^r h T* 
u u ui u J j . . j u . seeds 102 (FIG. 5). However, such arrangement may have 
subscribers of the cable head-end operators, decoders having utflit ^ are ^nt unencrypted, the 
a special (re., unique) decryption algorithm for decrypting block of data be - loball e ted , 
the seed using the mulu-session key. The encryptor 144 of [n FIG s? encryption tem 150 d^it^r 
encryption control system 140 encrypts the seed usmg an 20 m mult jpi exer U4f first secure m i cropr ocessor 120, sec- 
encryption algorithm that corresponds to the seed decryption ond sccure microprocessor 130, seed generator 152, global 
algorithm provided in the decoders. In this way, the decoders service decryptor 154 and global service encryptor 156. In 
so provided are only able to receive seeds when connected FIG. 8, global seed 94 (FIG. 5) is recovered and provided to 
to the particular cable head-end operators equipment. Since global service decryptor 154. National encrypted service 
the local entitlement control message is broadcast to all 2 5 data is processed in global service decryptor 154 using 
decoders in the cable head-end operator's system, it is not global seed 94 to recover an unencrypted frame of service 
possible to disable individual decoders. However, the cable data. However, the unencrypted frame of service data may 
head-end operator may alter the service authorization data have individual services encrypted, but the frame of service 
decrypted in decryptor 142 prior to being re-encrypted in data is unencrypted. Seed generator 152 simultaneously 
encryptor 144 so as to provide a more limited service (i.e., 30 provides a new seed to global service encryptor 156 and seed 
lower cost service offering) to his subscribers. encryptor 144 of second secure microprocessor 130 of 

As discussed above with respect to FIG. 6, encryption control system 150. 

re-programmable decoders may be provided to the subscrib- In operation, encryption control system 150 recovers an 

ers of the local cable head-end operator under terms that the unencrypted frame of service data from global service 

national center will provide certain specific reprogrmmmg 35 decryptor 154 using global seed 94. Then, the unencrypted 

services for the local cable head-end operator. It is preferable service data is re-encrypted in service encryptor 156 using a 

that the national center provide these re-programming ser- new seed. Simultaneously, the new seed is provided to seed 

vices since the national center prepares the entitlement encryptor 144 where it is encrypted under the multi-session 

management messages addressed to each individual sub- key stored in memory 126 and incorporated in a local 

scriber. Alternatively, the local cable head-end operator 40 entitlement control message. Multiplexer 114 combines the 

could provide these services if provided with the necessary local entitlement control message with the national entitle- 

secret serial number of the decoders and decryption algo- ment management message and the locally re-encrypted 

rithms of the decoder. The service provided by the national service data to form a local transport data stream. The 

center is to re-program the decryption algorithm used to decoder, for example, decoder 70 of FIG. 5, decodes various 

decrypt the seed data (different than to recover the multi- 45 services, encrypted with the new seed, in the same way that 

session key). In this way, the local cable he ad -end operator it would decode the same services when the seed is gener- 

encrypts seed data in encryptor 144 with an encryption ated by the national center. The decoder is unable to detect 

algorithm compatible with the reprogrammed decoder of his the difference, 

subscriber. This provides a large market for the A unique encryption algorithm may be used for either (1) 
re-programmable decoder while defeating the utility of 50 global service encryptor 156, or (2) seed encryptor 144, or 
taking the re-programmable decoder to another cable net- (3) both. The unique encryption algorithm corresponds to a 
work. Thus, those cable head-end operators who provide respective decrypted algorithm contained in decoder 70 
these re-programmable encoders are less likely to loose their (FIG. 5) provided to the subscribers of the local cable 
investment. head-end operator. In this way, the national entitlement 
It is also possible for the national center to provide 55 management message is used to deliver the multi-session 
addressed entitlement management messages to the indi- key to each decoder including decoders of subscribers of 
vidual subscribers of the local cable head-end operator with cable head-end operators not having encryption control 
a unique multi-session key, and provide the same multi- system 150 in its equipment. However, decoders with 
session key in an entitlement management message decryption algorithms corresponding to the encryption algo- 
addressed to second secure microprocessor 130 of encryp- 60 rithms used in seed encryptor 144 and global service encryp- 
tion control system 140 (FIG. 7) so that seed and service tor 156 are unusable on other cable systems. Furthermore, 
authorization data will be encrypted under this special should the decoders in question be re-programmable, by 
multi-session key. That is to say, the multi-session key used agreement between the national center and the local head- 
in first secure microprocessor 120 is different than the end operator, it is possible for the national center to 
multi-session key used in second secure microprocessor 130 65 re-program the decryption algorithms in the decoders that 
of encryption control system 140 (FIG. 7). This process to correspond to the encryption algorithms used in seed 
deliver the special multi-session key can be arranged by encryptor 144 and global service encryptor 156. 
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In FIG. 9, information distribution system 160 includes 
national center 162, satellite repeater 164, first user station 
170 and second user station 180. First user station 170 
includes receiver 172, cable head-end modulator 174 and at 
least one digital settop terminal 176. User station 180 5 
includes receiver 172 local encryption control system 182, 
cable head-end modulator 174 and advance digital settop 
terminal 184. 

Encryption control system 182 may be any one of encryp- 
tion control system 110, 140, or 150. In a variant of 10 
encryption system 110, multi-session key encryptor 134 
includes a two stage encryption where a first secret serial 
number encrypts the multi-session key to provide a once 
encrypted key and then the once encrypted key is processed 
through a further encryptor using a second secret serial 15 
number to provide a twice encrypted key. The twice 
encrypted key incorporated is in the local entitlement man- 
agement message and transmitted in the local transport data 
stream (FIG. 6). The local transport data stream is modulated 
in cable head -end modulator 174 and transported to 20 
advanced digital settop terminal 184. Advanced digital set- 
top terminal 184 is, for example, a settop terminal having a 
fixed security element integral with the decoder and a 
replaceable security module (i.e., smart card) pluggable into 
the decoder. For example, see U.S. Pat. No. 5,029,207, 25 
incorporated herein by reference. Advance digital settop 
terminal 184 includes two decryptors to recover the twice 
encrypted multi-session key. One decryptor is included in 
the fixed security element of the set top terminal itself (i.e, 
decoder) and the other decryptor is included in the remov- 30 
able security module (i.e., smart card). 

In practice, a cable system operator having the same 
equipment as first user station 170 is only capable of 
transporting the national transport data stream to the local 
subscribers. Such an operator may upgrade his equipment by 35 
adding encryption control system 182 and/or sending a 
corresponding replaceable security module (i.e, smart card), 
to his subscribers. There is no need to replace all of the 
existing settop terminals. 

Persons skilled in the art will appreciate that techniques 40 
described with respect to FIGS. 6-9 may be mixed and 
combined to provide any desired level of control. With 
appropriate mixtures the local cable head-end operator may 
disconnect subscribers who have failed to timely pay their 45 
bills, and provide low cost service offerings to subscribers 
by modifying conditional access data. 

Having described preferred embodiments of a novel appa- 
ratus and method for local encryption of a global transport 
data stream (which are intended to be illustrative and not 50 
limiting), it is noted that modifications and variations can be 
made by persons skilled in the art in light of the above 
teachings. It is therefore to be understood that changes may 
be made in the particular embodiments of the invention 
disclosed which are within the scope and spirit of the 55 
invention as defined by the appended claims. 

Having thus described the invention with the details and 
particularity required by the patent laws, what is claimed and 
desired protected by letters patent is set forth in the 
appended claims: 60 

What is claimed is: 

1. An encryption control system to process an input 
transport data stream into an output transport data stream, 
the input transport data stream including first entitlement 
management message data, the system comprising: 6 $ 

an input demultiplexer to cull the first entitlement man- 
agement message data from the input transport data 



to 

stream, the first entitlement management message data 
including an encrypted multi-session key; 

a first secure microprocessor to process the first entitle- 
ment management message data to recover the multi- 
session key by decrypting the encrypted multi-session 
key using a first algorithm; 

a second secure microprocessor to re-encrypt the multi- 
session key using a second algorithm and to format 
second entitlement management message data based on 
the first entitlement management message data with the 
re-encrypted multi-session key substituted for the 
encrypted multi-session key; 

an output multiplexer to provide the output transport data 
stream based on the input transport data stream with the 
second entitlement management message data substi- 
tuted for the first entitlement management message 
data. 

2. The system of claim 1, further comprising first and 
second decoders wherein: 

the first decoder includes first circuitry for recovering the 
multi-session key from the first entitlement manage- 
ment message data, the first circuitry being incapable of 
recovering the multi-session key from the second 
entitlement management message data; and 

the second decoder includes second circuitry for recov- 
ering the multi-session key from the second entitlement 
management message data, the second circuitry being 
incapable of recovering the multi-session key from the 
first entitlement management message data. 

3. An encryption control system to process an input 
transport data stream into an output transport data stream, 
the input transport data stream including first entitlement 
management message data, the system comprising: 

an input demultiplexer to cull the first entitlement man- 
agement message data from the input transport data 
stream, the first entitlement management message data 
including an encrypted multi-session key; 

a first secure microprocessor to process the first entitle- 
ment management message data to recover the 
encrypted multi-session key by decrypting the 
encrypted multi-session key using a first secret serial 
number; 

a second secure microprocessor to re-encrypt the multi- 
session key using a second secret serial number and to 
format second entitlement management message data 
based on the first entitlement management message 
data with the re -encrypted multi-session key substi- 
tuted for the encrypted multi-session key; 

an output multiplexer to provide the output transport data 
stream based on the input transport data stream with the 
second entitlement management message data substi- 
tuted for the first entitlement management message 
data. 

4. An encryption control system to process an input 
transport data stream into an output transport data stream, 
the input transport data stream including first entitlement 
control message data, the system comprising: 

a circuit for receiving a multi-session key; 

an input demultiplexer to cull the first entitlement control 
message data from the input transport data stream, the 
first entitlement control message data including 
encrypted seed data; 

a decryptor to process the first entitlement control mes- 
sage data to recover seed data by decrypting the 
encrypted seed data using the multi-session key and a 
first algorithm; 
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an encryptor to process the recovered seed data using the 
multi-session key and a second algorithm to provide 
re-encrypted seed data and to format second entitle- 
ment control message data based on the first entitle- 
ment control message data with the re -encrypted seed 
data substituted for the encrypted seed data; and 
an output multiplexer to provide the output transport data 
stream based on the input transport data stream with the 
second entitlement control message data substituted for 
the first entitlement control message data. 
5. An encryption control system to process an input 
transport data stream into an output transport data stream, 
the input transport data stream including first entitlement 
control message data and first encrypted service data, the 
system comprising: 

a circuit for receiving a multi-session key; 

an input demultiplexer to cull the first entitlement control 
message data and the first encrypted service data from 
the input transport data stream, the first entitlement 
control message data including encrypted seed data; 

a first decryptor to process the first entitlement control 
message data to recover first seed data by decrypting 
the encrypted seed data using the multi-session key; 

a second decryptor to process the first encrypted service 
data using the first seed data to recover unencrypted 
service data; 

a seed generator to generate second seed data; 

a first encryptor to process the second seed data using the 
multi-session key to provide re-encrypted seed data and 
to format second entitlement control message data 
based on the first entitlement control message data with 
the re-encrypted seed data substituted for the encrypted 
seed data; 

a second encryptor to process the unencrypted service 
data using the second seed data to provide second 
encrypted service data; and 

an output multiplexer to provide the output transport data 
stream based on the input transport data stream with the 
second entitlement control message data substituted for 
the first entitlement control message data and the 
second encrypted service data substituted for the first 
encrypted service data. 
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6. An information distribution system to broadcast a 
transport data stream through a repeater station to user 
stations, the transport data stream including first and second 
entitlement management message data, the first entitlement 

5 management message data including a multi-session key 
encrypted using a first algorithm, the second entitlement 
management message data including the multi-session key 
encrypted using a second algorithm, the-information distri- 
bution system comprising: 

a control center to transmit the transport data stream to the 

repeater station; 
a first user station to receive the transport data stream 
from the repeater station, the first user station providing 
15 the transport data stream to a first plurality of decoders 
without controlling the decoders' access to the trans- 
port data stream; and 
a second user station to receive the transport data stream 
from the repeater station, the second user station pro- 
viding the transport data stream to a second plurality of 
decoders while controlling the decoders' access to the 
transport data stream. 

7. The system of claim 6, wherein decoders of the first 
25 plurality of decoders recover the multi-session key from the 

first entitlement management message data by decryption 
based on the first algorithm, and wherein the second user 
station includes: 

a circuit for recovering the multi-session key from the 
30 second entitlement management message data by 
decrypting the encrypted multi-session key based on 
the second algorithm; 
a memory to store a local key; 
35 an encryptor to re-encrypt the multi-session key using the 
local key and the second algorithm to provide third 
entitlement management message data; and 
an output multiplexer to provide a local data stream to the 
second plurality of decoders based on the transport data 
40 stream with the third entitlement management message 
data substituted for the second entitlement management 
message data. 

* * * * + 
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